Merge branch 'master' into v2_lib

rony-vargas · Sep 29, 2020 · fa66a61 · fa66a61
2 parents 6771451 + 1001584
commit fa66a61
Show file tree

Hide file tree

Showing 21 changed files with 103 additions and 61 deletions.
diff --git a/.github/workflows/cargo_clippy.yml b/.github/workflows/cargo_clippy.yml
@@ -0,0 +1,32 @@
+---
+name: Cargo Clippy
+on:
+  push:
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+jobs:
+  cargo_clippy:
+    runs-on: ubuntu-18.04
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          submodules: "true"
+      - uses: actions-rs/toolchain@v1
+        with:
+          target: thumbv7em-none-eabi
+          components: clippy
+      - uses: actions/setup-python@v1
+        with:
+          python-version: 3.7
+      - name: Install Python dependencies
+        run: python -m pip install --upgrade pip setuptools wheel
+      - name: Set up OpenSK
+        run: ./setup.sh
+
+      - uses: actions-rs/clippy-check@v1
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          args: --all-targets --features std
+      - name: Deny Clippy warnings
+        run: cargo clippy --all-targets --features std -- -A clippy::new_without_default -D warnings
diff --git a/.gitignore b/.gitignore
@@ -1,11 +1,13 @@
-bin/
 target/
 Cargo.lock
 
+# Local installation of elf2tab.
+/elf2tab/
+
 # Prevent people from commiting sensitive files.
-crypto_data/
+/crypto_data/
 
 # Temporary files.
-reproducible/binaries.sha256sum
-reproducible/elf2tab.txt
-reproducible/reproduced.tar
+/reproducible/binaries.sha256sum
+/reproducible/elf2tab.txt
+/reproducible/reproduced.tar
diff --git a/deploy.py b/deploy.py
@@ -404,9 +404,9 @@ def create_tab_file(self, binaries):
     assert self.args.application
     info("Generating Tock TAB file for application/example {}".format(
         self.args.application))
-    elf2tab_ver = self.checked_command_output(["bin/elf2tab",
-                                               "--version"]).split(
-                                                   "\n", maxsplit=1)[0]
+    elf2tab_ver = self.checked_command_output(
+        ["elf2tab/bin/elf2tab", "--version"]).split(
+            "\n", maxsplit=1)[0]
     if elf2tab_ver != "elf2tab 0.6.0":
       error(
           ("Detected unsupported elf2tab version {!a}. The following "
@@ -415,7 +415,7 @@ def create_tab_file(self, binaries):
     tab_filename = os.path.join(self.tab_folder,
                                 "{}.tab".format(self.args.application))
     elf2tab_args = [
-        "bin/elf2tab", "--deterministic", "--package-name",
+        "elf2tab/bin/elf2tab", "--deterministic", "--package-name",
         self.args.application, "-o", tab_filename
     ]
     if self.args.verbose_build:

diff --git a/examples/console_test.rs b/examples/console_test.rs
@@ -23,8 +23,8 @@ fn main() {
     let mut buf = [0; BUFFER_SIZE];
     loop {
         for i in 1..buf.len() {
-            for j in 0..i {
-                buf[j] = b'0' + ((i % 10) as u8);
+            for byte in buf.iter_mut().take(i) {
+                *byte = b'0' + ((i % 10) as u8);
             }
             buf[i] = b'\n';
             Console::write_unbuffered(&mut buf[..(i + 1)]);

diff --git a/examples/crypto_bench.rs b/examples/crypto_bench.rs
@@ -151,7 +151,7 @@ fn main() {
 
 fn bench<F>(console: &mut Console, timer: &Timer, title: &str, mut f: F)
 where
-    F: FnMut() -> (),
+    F: FnMut(),
 {
     writeln!(console, "****************************************").unwrap();
     writeln!(console, "Benchmarking: {}", title).unwrap();

diff --git a/libraries/crypto/src/ec/int256.rs b/libraries/crypto/src/ec/int256.rs
@@ -554,6 +554,7 @@ impl Add for &Int256 {
     type Output = (Int256, Digit);
 
     // Returns sum and carry (0 or 1).
+    #[allow(clippy::suspicious_arithmetic_impl)]
     fn add(self, other: &Int256) -> (Int256, Digit) {
         let mut digits = [0; NDIGITS];
         let mut carry: DoubleDigit = 0;
@@ -570,6 +571,7 @@ impl Add for &Int256 {
 
 impl AddAssign<&Int256> for Int256 {
     // Adds to self, ignoring carry.
+    #[allow(clippy::suspicious_op_assign_impl)]
     fn add_assign(&mut self, other: &Int256) {
         let mut carry: DoubleDigit = 0;
         for i in 0..NDIGITS {
@@ -584,6 +586,7 @@ impl Add<Digit> for &Int256 {
     type Output = (Int256, Digit);
 
     // Returns sum and carry (0 or 1).
+    #[allow(clippy::suspicious_arithmetic_impl)]
     fn add(self, digit: Digit) -> (Int256, Digit) {
         let mut digits = [0; NDIGITS];
         let mut carry = digit as DoubleDigit;
@@ -603,6 +606,7 @@ impl Sub for &Int256 {
     type Output = (Int256, Digit);
 
     // Returns difference and borrow (0 or -1).
+    #[allow(clippy::suspicious_arithmetic_impl)]
     fn sub(self, other: &Int256) -> (Int256, Digit) {
         let mut digits = [0; NDIGITS];
         let mut borrow: SignedDoubleDigit = 0;
@@ -620,6 +624,7 @@ impl Sub for &Int256 {
 
 impl SubAssign<&Int256> for Int256 {
     // Substract from self, ignoring carry.
+    #[allow(clippy::suspicious_op_assign_impl)]
     fn sub_assign(&mut self, other: &Int256) {
         let mut borrow: SignedDoubleDigit = 0;
         for i in 0..NDIGITS {

diff --git a/reproducible/reference_binaries_macos-10.15.sha256sum b/reproducible/reference_binaries_macos-10.15.sha256sum
@@ -1,9 +1,9 @@
 dd5920dfb172d9371b29d019b6a37fae1a995bf9d814000944d9ef36bad31513	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840dk.bin
-1518f10da8515c321dcb19847701dcf15511e44d8a9b80576cb36e13258353fb	target/nrf52840dk_merged.hex
+8868f4fa542d9dd9c88abfbd84b4527bcd2f4b9ae16caf3098a3d5e73eae0067	target/nrf52840dk_merged.hex
 e4acfa602a5cc5d7c61d465f873918e8e0858628d0e5f8e0db26a7b7dd0b94d4	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_dongle.bin
-ba5c294725ba98230427601ab9e09291b3de10d60a78a5e1078ac2357c991fb7	target/nrf52840_dongle_merged.hex
+c162cfdd219306940f919716a4f53d053b0bcfed2963f8787e1098a5163ae704	target/nrf52840_dongle_merged.hex
 c0ace9f13ef3fd18c576a735ae23b3956bf8dd346f20c6217086e748d6bad8a2	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_dongle_dfu.bin
-e33940f7277c16825e847762d23a4eea3ad8fe104f20b858ef339687c74e81bc	target/nrf52840_dongle_dfu_merged.hex
+c1e79ad3aa2c9566c13c5469a389195a3814839b815253ffc4f5325329496b26	target/nrf52840_dongle_dfu_merged.hex
 06a38a0d6d356145467a73c765e28a945878f663664016f888393207097bfe10	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_mdk_dfu.bin
-152f6a7d0eba3ce7e9577bc90d6cb7466cf1eacb5e257ae1d8d09794b504ab38	target/nrf52840_mdk_dfu_merged.hex
-49d5b242ae2d63b0d243cea3271c2847d074a5fd15798c728c841126cdfe86ee	target/tab/ctap2.tab
+d0b23e0dd0c349ded966fb5563a5a65c3935710d1741ade0ae7d9e06a176f442	target/nrf52840_mdk_dfu_merged.hex
+aacf3873a90bf93f0c51ccc85d0c03642d078865d16c4aeb0b805d1f6865e6ba	target/tab/ctap2.tab
diff --git a/reproducible/reference_binaries_ubuntu-18.04.sha256sum b/reproducible/reference_binaries_ubuntu-18.04.sha256sum
@@ -1,9 +1,9 @@
 2426ee9a6c75e325537818081d45445d95468a4c0a77feacdc6133d7d9aa227a	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840dk.bin
-f8c54ac3f2e153e3cf6d4651663fc12df1f3d61fefd40f953b3181c4d9e8b43c	target/nrf52840dk_merged.hex
+c8507168c7e81d388641177c17c917b7473c8fe27849678cc7e558c64b33e9f5	target/nrf52840dk_merged.hex
 c53d1e1db72df25950fa6d28699a2d38757def0dcbeb0d09d2366481cf0149a6	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_dongle.bin
-1fff9a157e779d92245420053147dc8e894ea281f4de2a524ab6d815614b050a	target/nrf52840_dongle_merged.hex
+103888792b1b81a50e16746f1e2e2bee7cc01599881c464b56d9d7f6ae856c3e	target/nrf52840_dongle_merged.hex
 233b5ba4459523759e3171cee83cdb3a383bbe65727c8ece64dfe5321d6ebe34	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_dongle_dfu.bin
-5597a6c3c4a9b1bd72d0d377b084b17627301043724fd1e67fe7d87f0e2fab25	target/nrf52840_dongle_dfu_merged.hex
+ca1847ac82a3b3498f79918746f5662863033a0c69300d669e466701f485e3d9	target/nrf52840_dongle_dfu_merged.hex
 1baaf518a74c6077cb936d9cf178b6dd0232e7562fa56174886b05b77886cc32	third_party/tock/target/thumbv7em-none-eabi/release/nrf52840_mdk_dfu.bin
-53801f162b40c861ab2612c2972fe363889c7c7c313e6f80c1c68ce2dc8049fb	target/nrf52840_mdk_dfu_merged.hex
-d7146c0b30cc08a34531895c37420bdd36056ffcb5f537b92ee34876a42557a6	target/tab/ctap2.tab
+97f89caa930fde44193d16e3f396584de6044ca4c46092c7275b5b44b9eed774	target/nrf52840_mdk_dfu_merged.hex
+7e05f90206506e78aa9eec0b1495bf3548d7a0446722c1f40b3a84f674d2ca0e	target/tab/ctap2.tab
diff --git a/reproducible/reference_elf2tab_macos-10.15.txt b/reproducible/reference_elf2tab_macos-10.15.txt
@@ -6,8 +6,8 @@ Min RAM size from segments in ELF: 20 bytes
 Number of writeable flash regions: 0
   Adding .crt0_header section. Offset: 64 (0x40). Length: 64 (0x40) bytes.
 Entry point is in .text section
-  Adding .text section. Offset: 128 (0x80). Length: 186976 (0x2da60) bytes.
-  Adding .stack section. Offset: 187104 (0x2dae0). Length: 16384 (0x4000) bytes.
+  Adding .text section. Offset: 128 (0x80). Length: 187008 (0x2da80) bytes.
+  Adding .stack section. Offset: 187136 (0x2db00). Length: 16384 (0x4000) bytes.
 Searching for .rel.X sections to add.
 TBF Header:
                version:        2        0x2
@@ -30,8 +30,8 @@ Min RAM size from segments in ELF: 20 bytes
 Number of writeable flash regions: 0
   Adding .crt0_header section. Offset: 64 (0x40). Length: 64 (0x40) bytes.
 Entry point is in .text section
-  Adding .text section. Offset: 128 (0x80). Length: 186976 (0x2da60) bytes.
-  Adding .stack section. Offset: 187104 (0x2dae0). Length: 16384 (0x4000) bytes.
+  Adding .text section. Offset: 128 (0x80). Length: 187008 (0x2da80) bytes.
+  Adding .stack section. Offset: 187136 (0x2db00). Length: 16384 (0x4000) bytes.
 Searching for .rel.X sections to add.
 TBF Header:
                version:        2        0x2
@@ -54,8 +54,8 @@ Min RAM size from segments in ELF: 20 bytes
 Number of writeable flash regions: 0
   Adding .crt0_header section. Offset: 64 (0x40). Length: 64 (0x40) bytes.
 Entry point is in .text section
-  Adding .text section. Offset: 128 (0x80). Length: 186976 (0x2da60) bytes.
-  Adding .stack section. Offset: 187104 (0x2dae0). Length: 16384 (0x4000) bytes.
+  Adding .text section. Offset: 128 (0x80). Length: 187008 (0x2da80) bytes.
+  Adding .stack section. Offset: 187136 (0x2db00). Length: 16384 (0x4000) bytes.
 Searching for .rel.X sections to add.
 TBF Header:
                version:        2        0x2
@@ -78,8 +78,8 @@ Min RAM size from segments in ELF: 20 bytes
 Number of writeable flash regions: 0
   Adding .crt0_header section. Offset: 64 (0x40). Length: 64 (0x40) bytes.
 Entry point is in .text section
-  Adding .text section. Offset: 128 (0x80). Length: 186976 (0x2da60) bytes.
-  Adding .stack section. Offset: 187104 (0x2dae0). Length: 16384 (0x4000) bytes.
+  Adding .text section. Offset: 128 (0x80). Length: 187008 (0x2da80) bytes.
+  Adding .stack section. Offset: 187136 (0x2db00). Length: 16384 (0x4000) bytes.
 Searching for .rel.X sections to add.
 TBF Header:
                version:        2        0x2

diff --git a/reproducible/reference_elf2tab_ubuntu-18.04.txt b/reproducible/reference_elf2tab_ubuntu-18.04.txt
@@ -6,8 +6,8 @@ Min RAM size from segments in ELF: 20 bytes
 Number of writeable flash regions: 0
   Adding .crt0_header section. Offset: 64 (0x40). Length: 64 (0x40) bytes.
 Entry point is in .text section
-  Adding .text section. Offset: 128 (0x80). Length: 186976 (0x2da60) bytes.
-  Adding .stack section. Offset: 187104 (0x2dae0). Length: 16384 (0x4000) bytes.
+  Adding .text section. Offset: 128 (0x80). Length: 187008 (0x2da80) bytes.
+  Adding .stack section. Offset: 187136 (0x2db00). Length: 16384 (0x4000) bytes.
 Searching for .rel.X sections to add.
 TBF Header:
                version:        2        0x2
@@ -30,8 +30,8 @@ Min RAM size from segments in ELF: 20 bytes
 Number of writeable flash regions: 0
   Adding .crt0_header section. Offset: 64 (0x40). Length: 64 (0x40) bytes.
 Entry point is in .text section
-  Adding .text section. Offset: 128 (0x80). Length: 186976 (0x2da60) bytes.
-  Adding .stack section. Offset: 187104 (0x2dae0). Length: 16384 (0x4000) bytes.
+  Adding .text section. Offset: 128 (0x80). Length: 187008 (0x2da80) bytes.
+  Adding .stack section. Offset: 187136 (0x2db00). Length: 16384 (0x4000) bytes.
 Searching for .rel.X sections to add.
 TBF Header:
                version:        2        0x2
@@ -54,8 +54,8 @@ Min RAM size from segments in ELF: 20 bytes
 Number of writeable flash regions: 0
   Adding .crt0_header section. Offset: 64 (0x40). Length: 64 (0x40) bytes.
 Entry point is in .text section
-  Adding .text section. Offset: 128 (0x80). Length: 186976 (0x2da60) bytes.
-  Adding .stack section. Offset: 187104 (0x2dae0). Length: 16384 (0x4000) bytes.
+  Adding .text section. Offset: 128 (0x80). Length: 187008 (0x2da80) bytes.
+  Adding .stack section. Offset: 187136 (0x2db00). Length: 16384 (0x4000) bytes.
 Searching for .rel.X sections to add.
 TBF Header:
                version:        2        0x2
@@ -78,8 +78,8 @@ Min RAM size from segments in ELF: 20 bytes
 Number of writeable flash regions: 0
   Adding .crt0_header section. Offset: 64 (0x40). Length: 64 (0x40) bytes.
 Entry point is in .text section
-  Adding .text section. Offset: 128 (0x80). Length: 186976 (0x2da60) bytes.
-  Adding .stack section. Offset: 187104 (0x2dae0). Length: 16384 (0x4000) bytes.
+  Adding .text section. Offset: 128 (0x80). Length: 187008 (0x2da80) bytes.
+  Adding .stack section. Offset: 187136 (0x2db00). Length: 16384 (0x4000) bytes.
 Searching for .rel.X sections to add.
 TBF Header:
                version:        2        0x2

diff --git a/reset.sh b/reset.sh
@@ -26,7 +26,7 @@ while
       # Reset the submodules
       git submodule foreach 'git reset --hard && git clean -fxd'
       # Reset also the main repository
-      git reset --hard && git clean -fxd
+      git reset --hard && git clean -fxd --exclude elf2tab
 
       set +x
       echo "DONE."

diff --git a/run_desktop_tests.sh b/run_desktop_tests.sh
@@ -30,6 +30,9 @@ cd tools/heapviz
 cargo fmt --all -- --check
 cd ../..
 
+echo "Running Clippy lints..."
+cargo clippy --all-targets --features std -- -A clippy::new_without_default -D warnings
+
 echo "Building sha256sum tool..."
 cargo build --manifest-path third_party/tock/tools/sha256sum/Cargo.toml
 echo "Checking that heapviz tool builds properly..."

diff --git a/setup.sh b/setup.sh
@@ -42,4 +42,5 @@ pip3 install --user --upgrade 'tockloader==1.5' six intelhex
 rustup target add thumbv7em-none-eabi
 
 # Install dependency to create applications.
-cargo install elf2tab --version 0.6.0 --root .
+mkdir -p elf2tab
+cargo install elf2tab --version 0.6.0 --root elf2tab/
diff --git a/src/ctap/command.rs b/src/ctap/command.rs
@@ -322,10 +322,7 @@ impl TryFrom<cbor::Value> for AuthenticatorClientPinParameters {
 
         let pin_protocol = extract_unsigned(ok_or_missing(pin_protocol)?)?;
         let sub_command = ClientPinSubCommand::try_from(ok_or_missing(sub_command)?)?;
-        let key_agreement = key_agreement
-            .map(extract_map)
-            .transpose()?
-            .map(|x| CoseKey(x));
+        let key_agreement = key_agreement.map(extract_map).transpose()?.map(CoseKey);
         let pin_auth = pin_auth.map(extract_byte_string).transpose()?;
         let new_pin_enc = new_pin_enc.map(extract_byte_string).transpose()?;
         let pin_hash_enc = pin_hash_enc.map(extract_byte_string).transpose()?;

diff --git a/src/ctap/data_formats.rs b/src/ctap/data_formats.rs
@@ -1252,7 +1252,7 @@ mod test {
         let mut rng = ThreadRng256 {};
         let sk = crypto::ecdh::SecKey::gensk(&mut rng);
         let pk = sk.genpk();
-        let cose_key = CoseKey::from(pk.clone());
+        let cose_key = CoseKey::from(pk);
         let cbor_extensions = cbor_map! {
             "hmac-secret" => cbor_map! {
                 1 => cbor::Value::Map(cose_key.0.clone()),

diff --git a/src/ctap/mod.rs b/src/ctap/mod.rs
@@ -694,7 +694,7 @@ where
             key_id: credential.credential_id.clone(),
             transports: None, // You can set USB as a hint here.
         };
-        let user = if (flags & UV_FLAG != 0) && (credential.user_handle.len() > 0) {
+        let user = if (flags & UV_FLAG != 0) && !credential.user_handle.is_empty() {
             Some(PublicKeyCredentialUserEntity {
                 user_id: credential.user_handle.clone(),
                 user_name: None,

diff --git a/src/ctap/pin_protocol_v1.rs b/src/ctap/pin_protocol_v1.rs
@@ -777,15 +777,15 @@ mod test {
     #[test]
     fn test_process_get_pin_retries() {
         let mut rng = ThreadRng256 {};
-        let mut persistent_store = PersistentStore::new(&mut rng);
+        let persistent_store = PersistentStore::new(&mut rng);
         let pin_protocol_v1 = PinProtocolV1::new(&mut rng);
         let expected_response = Ok(AuthenticatorClientPinResponse {
             key_agreement: None,
             pin_token: None,
             retries: Some(persistent_store.pin_retries().unwrap() as u64),
         });
         assert_eq!(
-            pin_protocol_v1.process_get_pin_retries(&mut persistent_store),
+            pin_protocol_v1.process_get_pin_retries(&persistent_store),
             expected_response
         );
     }

diff --git a/src/ctap/storage.rs b/src/ctap/storage.rs
@@ -88,6 +88,7 @@ const _DEFAULT_MIN_PIN_LENGTH_RP_IDS: Vec<String> = Vec::new();
 #[cfg(feature = "with_ctap2_1")]
 const _MAX_RP_IDS_LENGTH: usize = 8;
 
+#[allow(clippy::enum_variant_names)]
 #[derive(PartialEq, Eq, PartialOrd, Ord)]
 enum Key {
     // TODO(cretin): Test whether this doesn't consume too much memory. Otherwise, we can use less
@@ -264,12 +265,10 @@ impl PersistentStore {
         debug_assert_eq!(entry.tag, TAG_CREDENTIAL);
         let result = deserialize_credential(entry.data);
         debug_assert!(result.is_some());
-        if check_cred_protect
-            && result.as_ref().map_or(false, |cred| {
-                cred.cred_protect_policy
-                    == Some(CredentialProtectionPolicy::UserVerificationRequired)
-            })
-        {
+        let user_verification_required = result.as_ref().map_or(false, |cred| {
+            cred.cred_protect_policy == Some(CredentialProtectionPolicy::UserVerificationRequired)
+        });
+        if check_cred_protect && user_verification_required {
             Ok(None)
         } else {
             Ok(result)
@@ -406,10 +405,11 @@ impl PersistentStore {
             data: pin_hash,
             sensitive: true,
         };
-        Ok(match self.store.find_one(&Key::PinHash) {
+        match self.store.find_one(&Key::PinHash) {
             None => self.store.insert(entry)?,
             Some((index, _)) => self.store.replace(index, entry)?,
-        })
+        }
+        Ok(())
     }
 
     pub fn pin_retries(&self) -> Result<u8, Ctap2StatusCode> {
@@ -673,7 +673,6 @@ fn _serialize_min_pin_length_rp_ids(rp_ids: Vec<String>) -> Result<Vec<u8>, Ctap
 mod test {
     use super::*;
     use crate::ctap::data_formats::{PublicKeyCredentialSource, PublicKeyCredentialType};
-    use crypto;
     use crypto::rng256::{Rng256, ThreadRng256};
 
     fn create_credential_source(
@@ -918,7 +917,7 @@ mod test {
         assert!(persistent_store.store_credential(credential).is_ok());
 
         let no_credential = persistent_store
-            .find_credential("example.com", &vec![0x00], true)
+            .find_credential("example.com", &[0x00], true)
             .unwrap();
         assert_eq!(no_credential, None);
     }
@@ -940,8 +939,8 @@ mod test {
         let master_hmac_key = master_keys_1.hmac.to_vec();
         persistent_store.reset(&mut rng).unwrap();
         let master_keys_3 = persistent_store.master_keys().unwrap();
-        assert!(master_keys_3.encryption != &master_encryption_key[..]);
-        assert!(master_keys_3.hmac != &master_hmac_key[..]);
+        assert!(master_keys_3.encryption != master_encryption_key.as_slice());
+        assert!(master_keys_3.hmac != master_hmac_key.as_slice());
     }
 
     #[test]